Grafana ElasticSearch - Message in Alert

Hi All,

I’m currently testing Grafana with Elasticsearch as a data source to send alerts when specific messages appear in our logs. In Explore, I can successfully search through the logs. However, when I set up an alert to trigger on a specific word in the logs, the alert doesn’t include the log message in the alert labels.

I’ve attempted several approaches, such as grouping by message or message.keyword, but these attempts either cause the alert to fail entirely or don’t produce the desired result.

Does anyone have experience with this or an example of an alert configuration that successfully includes the log message in the alert labels?

Environment Details:

  • Elasticsearch Version: 7.17.0
  • Grafana Version: 11.3.0

Grafana Datasource settings:

Grafana alert shows data without grouping:

Grafana alert not working with grouping:

Grafana alert not working with grouping - not showing additional label:

Showing there is data that can be queried by term (redacted data):

Any advice or examples would be greatly appreciated!

Thanks!
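For reference, below is an added example of a file-provisioned Grafana alert rule that groups the Elasticsearch query by `message.keyword` so the matched message arrives as a label. It is not code from the original post or from Grafana itself; the datasource UID, rule UID, index field names (`@timestamp`, `message`), folder name and the Lucene filter are assumptions to be replaced with your own. One caveat worth stating: a terms aggregation on the analyzed `message` field fails in Elasticsearch 7.x because fielddata is disabled on `text` fields, which is why grouping by `message` errors out while `message.keyword` works; keyword values longer than the mapping's `ignore_above` limit (256 by default in dynamic mappings) are not indexed and therefore never appear as buckets.

```yaml
# Added example: Grafana 11 alert rule provisioned from a file
# (e.g. conf/provisioning/alerting/es-log-alert.yaml). Field names,
# UIDs and the filter query are placeholders, not values from the post.
apiVersion: 1
groups:
  - orgId: 1
    name: es-log-alerts
    folder: log-alerts            # assumed folder; must exist or be provisioned
    interval: 1m
    rules:
      - uid: es-log-message-alert # assumed rule UID
        title: Matching log line seen
        condition: C
        data:
          # A: Elasticsearch query. Group by the keyword sub-field, not the
          # analyzed text field; terms aggregations need doc values.
          - refId: A
            relativeTimeRange:
              from: 600          # last 10 minutes
              to: 0
            datasourceUid: elasticsearch-logs   # assumed datasource UID
            model:
              refId: A
              timeField: "@timestamp"
              query: 'message:"connection refused"'   # assumed Lucene filter
              metrics:
                - id: "1"
                  type: count
              bucketAggs:
                - id: "2"
                  type: terms
                  field: message.keyword
                  settings:
                    min_doc_count: "1"
                    order: desc
                    orderBy: _count
                    size: "10"    # cap distinct messages per evaluation
                - id: "3"
                  type: date_histogram
                  field: "@timestamp"
                  settings:
                    interval: auto
          # B: collapse each message series to its last count.
          - refId: B
            datasourceUid: __expr__
            model:
              refId: B
              type: reduce
              expression: A
              reducer: last
              settings:
                mode: dropNN
          # C: fire when that count is above zero.
          - refId: C
            datasourceUid: __expr__
            model:
              refId: C
              type: threshold
              expression: B
              conditions:
                - evaluator:
                    type: gt
                    params: [0]
        for: 0s
        noDataState: OK
        execErrState: Error
        labels:
          severity: warning
        annotations:
          # The terms field name becomes a label key, so read it with index.
          summary: 'Log line matched: {{ index $labels "message.keyword" }}'
```

Each distinct `message.keyword` value produces its own alert instance, so one evaluation can open several alerts at once; if messages carry unique IDs or timestamps, every line becomes a new instance and the label is effectively unbounded, in which case a stable field (an error code or logger name) is a better grouping key and the raw text belongs in the annotation rather than the label.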